CTAB Tuesday, January 28, 2020

New Meeting Date/Time Tue 1PM ET / 10 AM PT


  • David Bantz, University of Alaska (chair) 
  • Mary Catherine Martinez, InnoSoft (vice chair) 
  • Pål Axelsson, SUNET 
  • Brett Bieber, University of Nebraska 
  • Tom Barton, University Chicago and Internet2, ex-officio 
  • Brad Christ, Eastern Washington University, InCommon Steering Representative to CTAB, ex-officio 
  • Richard Frovarp,  North Dakota State 

  • Eric Goodman, UCOP - TAC Representative to CTAB 
  • Jon Miner, University of Wisc - Madison
  • John Pfeifer, University of Maryland  
  • Chris Whalen, Research Data and Communication Technologies 
  • Robert Zybeck, Portland Community College 
  • Ann West, Internet2 
  • Albert Wu, Internet2 
  • Emily Eisbruch, Internet2 
  • Nick Roy, Internet2 
  • Jessica Coltrin, Internet2 


  • Jule Ziegler,  Leibniz Supercomputing Centre

  • Chris Hable, University of Michigan
  • Rachana Ananthakrishnan, Globus, University of Chicago 
  • Ercan Elibol, Florida Polytech Institute 

New Action Items from this call 

    • AI ChrisW conduct a doodle poll or other survey to find out what will work best for a 2020 CTAB F2F 
    • AI Albert work with a CTAB volunteers (Pal, perhaps DavidB and Brett and Jon) to create and present a Global Summit lightning talk


 Face to Face CTAB meeting in 2020

  • Potential locations: 
    • Internet2 Global Summit - March 29 to April 1, 2020 in Indianapolis 
    • BaseCAMP in Milwaukee, June 24-26, 2020
    • GÉANT -Stockholm in March 24-25, 2020  https://eventr.geant.org/events/3250
    • TechEx 2020 -: 2020 TechEx  is Oct 05–08, 2020 Location TBA
    •     Eric C, John P: likely to attend TechEx 
      • AI ChrisW will conduct a doodle poll or other survey to find out what will work best for a 2020 CTAB F2F 

 2020 Global Summit Lightning Talk

    • Target audience at Global  Summit may have shifted over the years to more CIO and fewer technical attendees
    • AI Albert work with a CTAB volunteers (Pal, perhaps DavidB and Brett and Jon) to create and present Global Summit lightning talk

Community consensus and specific steps needed for Baseline Expectations V2 (Tom)

  • https://www.incommon.org/federation/community-consensus/
    • Graphic in Appendix A is helpful in understanding the community consensus process
    • CTAB needs  
      • CTAB moderator/convener identified (this will be important role)
      • wiki page established with info as described in the doc
      • email list for this instance of the community consensus process  (consensus-TOPIC-discuss list)
      • An initial BE  v2 proposal from CTAB  (Publish a position, problem statement, or proposal that will serve to focus this discussion.)
    • The process includes outreach to the community (InCommon participants list) to kick off the process
    • Inviting community members to sign up for the consensus-TOPIC-discuss email discussion email list
      • CTAB  members may need to reach out to get people to sign up for the consensus-TOPIC-discuss email list so all stakeholders are represented
    • There will be Initial Q&A
    • Will try to achieve an Initial consensus
    • Moderator will announce what the rough consensus seems to be
    • There will be a revision of the initial proposal
    • Moderator will report to the InCommon participants list
    • CTAB will have netted out consensus position
    • Another Q&A period (last chance)
    • Updates will be made on the wiki page, a record of how it went
    • Revision to baseline expectations https://www.incommon.org/federation/baseline-expectations-for-trust-in-federation/
    • Do implementation planning
    • Go thru Internet2 community consultation process (4-6 weeks)  
    • Question: what is the relationship between the proposal doc and the BE Draft v2 doc and the clarification doc (linked below)?

      • Question: should we include in the community consensus proposal doc these longer-term goal items that are not in immediate scope for 2020? 
        • Support for REFEDs MFA profiles  (for future)

        • Support for Attribute bundles such as R&S  Bundle (for future)
      • Thoughts: could have a backlog section in the community consensus proposal doc. 
      • TomB: suggestion that we cover a more limited list in the community consensus proposal communications

        Who will be the moderator for this consensus process?
      • DavidB is interested, but should the moderator be someone besides the CTAB chair?
      • Jon Miner is interested in serving as moderator but is busy for next few weeks and does not have time to draft the consensus proposal doc 
      • Albert can help draft the consensus proposal doc
      • DECISION: David Bantz will be moderator of this initial community consensus process

 Operational/technical constraints on measuring/enforcing BE (Nick)

    • This is a discussion to provide background on other activities on in Trust and Identity operations that may impact baseline expectations work
    • Nick likes the priorities for this  proposed version of Baseline Expectations
    • There is a current focus within Trust and Identity on updating the internal Identity Management infrastructure 
    • Internet2 is deploying Trusted Access Platform (COmanage and Grouper and SATOSA proxy) to manage working groups and more.
    • This work can help with InCommon contact management

    • InCommon Federation Contact Information
      • For contact information, the InCommon’s data was not in good shape previously, but BE V1 helped get it much improved
      • There is much business process wrapped around changes to InCommon contacts
      • Workload for the InCommon registration authority staff 
      • Have wanted to automate
      • The plan is to integrate Federation manager with the IdM platform
      • Allowing InCommon execs or their delegates to manage the InCommon roles
        • Will  help maintain the contact data
      • Must get IDM work done for the integration into Federation  Manager
        • A consultant is working on this 
        • It feeds into the work being done for Baseline Expectations
        • Likely timeframe: End of 2020 before InCommon contact checking will be ready 

    • Security operations and measurement and enforcement of SIRTFI
      • Shannon Reddy of InCommon is working on endpoint analysis
      • Some backend work is needed to support this
      • Likely: End of 2020 before this work is done

      • Concern: Could be a disservice  to SIRTFI to have organizations say they are capable of doing SIRTFI if they are not actually willing to commit to do the things needed
      • May want to find a way to encourage community support for SIRTFI without requiring it as a checkbox for BE v2
      • It was noted that what we’re asking around SIRTFI in the current draft is pretty modest
      • We talked about making SIRTFI V1 adherence a BE element
      • There are a few operational requirements for this
      • Some organizations may need operational work to handle SIRTFI
      • Could be intimidating to some organizations
      • TomB: Baseline Expectations must go some places that are challenging for organizations


(New in DRAFT BE 2.0) The IdP complies with the requirements of the REFEDS Security Incident Response Trust Framework v1.0 for Federated Identity and attests compliances in the Federation Manager [Sirtfi].

(New in DRAFT BE 2.0) The SP complies with the requirements of the Security Incident Response Trust Framework v1.0 for Federated Identity. [Sirtfi]

  • Thanks to Nick for joining this CTAB call, providing helpful input on practical aspects of proposed BE v2 items

Not discussed on this call

  • (10 min) Rough timeline (all) [postponed]
  • (10 min) Review unresolved questions in statements on BE v2 (all) [postponed]

Next CTAB Call: Tuesday, Feb 11, 2020

  • No labels